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Thomas Kunz, Michiel F. H. Seuren 

November 1997 Proceedings of the 1997 conference of the Centre for Advanced Studies on 

Collaborative research 
Publisher: IBM Press 

Full text available: ^_pM£,2J..MBJ. Additional Information: fyicjtation, abstract, references, index terrrts 

Understanding distributed applications is a tedious and difficult task. Visualizations based on 
process-time diagrams are often used to obtain a better understanding of the execution of the 
application. The visualization tool we use is Poet, an event tracer developed at the University of 
Waterloo. However, these diagrams are often very complex and do not provide the user with th< 
desired overview of the application. In our experience, such tools display repeated occurrences 
non-trivial commun ... 


2 Copyrights and access-rights: How DRM-based content delivery systems disrupt expected 

of "persona! use" 
^ Deirdre K. Mulligan, John Han, Aaron J. ESurstein 

October 2003 Proceedings of the 3rd ACM workshop on Digital rights management DRM '02 

Publisher: ACM Press 

Full text available: ^i>dfl416,68„K3). Additional Information: Mi citation , abstract, references, index terms, review 

We set out to examine whether current, DRM-based online offerings of music and movies accort 
with consumers' current expectations regarding the personal use of copyrighted works by study 
the behavior of six music, and two film online distribution services. We find that, for the most p; 
the services examined do not accord with expectations of personal use. The DRM-based service: 
studied restrict personal use in a manner inconsistent with the norms and expectations governir 
the purchase and ... 


Keywords: access control, content distribution, copyright, digital rights management, fair use, 
personal use, privacy 

3 Informal^ 

&! due. to j.nsider..attack 

^ Yang Yu, Tzi-cker Chiueh 

October 2004 Proceedings of the 4th ACM workshop on Digital rights management 

Publisher: ACM Press 
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Full text available: ^ pdf{311.80 K3) ' Additional Information: foil citation, abstract, references, index terms 

Insider attack is one of the most serious cybersecurity threats to corporate America. Among all 
insider threats, information theft is considered, the most damaging in terms of potential financia 
loss. Moreover, it is also especially difficult to detect and prevent, because in many cases the 
attacker has the proper authority to access the stolen information. According to the 2003 CSI/F 
Computer Crime and Security Survey, theft of proprietary information was the single largest 
category of los ... 

Keywords: access, digital rights management, information theft, insider attack 


4 On-jine„erwajjet.sy^ 

Stig Frode Mjolsnes, Chunming Rong 

February 2003 Mobile Networks and Applications, volume 8 issue l 
Publisher: Kluwer Academic Publishers 

Full text available: ^pdft240J3.KBJ Additional Information: Ml cjlBtion, abstract, reierences, indexjems 

We propose a generalization of the architecture of an electronic wallet, as first developed in the 
seminal European research project CAFE. With this model you can leave most of the content of* 
electronic wallet at the security of your residential electronic keeper, while roaming with your 
favorite mobile terminals. Emerging mobile handsets with both short range Bluetooth and cellul; 
GPRS communications provide a sufficient communication platform for this electronic wallet 
architecture. Howe ... 

Keywords: digital credentials, e-wallet architecture, mobile commerce, payment protocols, pri\ 
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Privacy through pseudonvmity in user-adaptive systems 
Alfred Kobsa, Jorg Schreck 

May 2003 ACM Transactions on Internet Technology (TOIT), volume 3 issue 2 
Publisher: ACM Press 

Additional Information: full citation, abstract, references, citings, index terms 


Full text available: TO pdf{981.69 KB) 

®^ review 

User-adaptive applications cater to the needs of each individual computer user, taking for exam 
users' interests, level of expertise, preferences, perceptual and motoric abilities, and the usage 
environment into account. Central user modeling servers collect and process the information ab 
users that different user-adaptive systems require to personalize their user interaction.Adaptive 
systems are generally better able to cater to users the more data their user modeling systems 
collect and ... 

Keywords: Chaum mix, KQML, User modeling, access control, anonymity, encryption, personal 
information, personalization, privacy, pseudonymity, reference model, secrecy, security, user- 
adaptive systems 


Secure program partitioning 

Steve Zdancewic, Lantian Zheng, Nathaniel Nystrom, Andrew C. Myers 

August 2002 ACM Transactions on Computer Systems (TOCS), volume 20 issue 3 

Publisher: ACM Press 

Full text available: ^||| pdf*497 12 KB) Additional Information: full citation, abstract, references, index terms 

This paper presents secure program partitioning, a language-based technique for protecting 
confidential data during computation in distributed systems containing mutually untrusted hosts 
Confidentiality and integrity policies can be expressed by annotating programs with security typ 
that constrain information flow; these programs can then be partitioned automatically to run 
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securely on heterogeneously trusted hosts. The resulting communicating subprograms collective 
implement the original p ... 

Keywords: Confidentiality, declassification, distributed systems, downgrading, integrity, mutua 
distrust, secrecy, security policies, type systems 


Sam Micfiiels, Kristof Verslype, Wouter Joosen, Bart De Decker 

November 2005 Proceedings of the 5th ACM workshop on Digital rights management DRM ' 
Publisher: ACM Press 

Full text available: ^|)dfg96^i.KBJ Additional Information: Ml citation, abstract, references, index terms 

The domain of digital rights management (DRM) is currently lacking a generic architecture that 
supports interoperability and reuse of specific DRM technologies. This lack of architectural suppc 
a serious drawback in light of the rapid evolution of a complex domain like DRM. It is highly unli 
that a single DRM technology or standard will be able to support the diversity of devices, users, 
platforms, and media, or the wide variety of system requirements concerning security, flexibility 
a ... 

Keywords: DRM, software architecture 


8 Identification control: Owner-controiied information 
|& Carrie Gates, Jacob Slonim 

^ August 2003 Proceedings of the 2003 workshop on New security paradigms 
Publisher: ACM Press 

Full text available: ^ pdfd.06 MB) Additional Information: fall citation, abstract, references 

Information about individuals is currently maintained in many thousands of databases, with mui 
that information, such as name and address, replicated across multiple databases. However, thi 
proliferation of personal information raises issues of privacy for the individual, as well as 
maintenance issues in terms of the accuracy of the information. Ideally, each individual would o 
maintain and control his personal information, allowing access to those who needed at the time 
was needed. O ... 

Keywords: architecture, privacy, security 


9 Bracket capabilities for distributed systems security 
Mark Evered 

January 2002 Australian Computer Science Communications , Proceedings of the twenty-fil 
Australasian conference on Computer science - Volume 4 CRPITS '02, volume 2 

Issue 1 

Publisher: Australian Computer Society, Inc. , IEEE Computer Society Press 

Full text available: ^.p.d$Zl.€LiZ. Additional Information: feiLPitatjoa, abstract, references, gtiffflS, LO^exJerras 

The per-method access control lists of standard middleware technologies allow only simple form 
access control to be expressed and enforced. Research systems based on capabilities provide a 
secure mechanism but also fail to support more flexible security constraints such as parameter 
restrictions, logging and state-dependent access. They also fail to enforce a strict need-to-know 
of a persistent object for each user. In this paper we present the concept of bracket capabilities 
a ... 

Keywords: distributed systems, objects, security 
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1 0 Jnf ormatijon Jechno 
Roger Clarke 

May 1988 Communications of the ACM, volume 3i issue 5 
Publisher: ACM Press 

Additional Information: Ml .citation, abstract, references, citings, jMex.ierms 


Full text available: W pdf( 189 MB) 

^ review 

Data surveillance is now supplanting conventional surveillance techniques. With this trend come 
monitoring methods such as personal dataveillance and mass dataveillance that require more 
effective safeguards and a formal policy framework. 

11 Applications, services, and architecture: Smart edge server: beyond a wireless access poir 
^ Manjunath, T. Simunic, V. Krishnan, J. Tourrilhes, D. Das, V. Srinivasmurthy, A. McReynolds 

October 2004 Proceedings of the 2nd ACM international workshop on Wireless mobile 
applications and services on WLAN hotspots 

Publisher: ACM Press 

Full text available: ^pdft410.J8„K3) Additional Information: Ml .citation, abstract, references, jMexteros 

Wireless access at cafes, airports, homes and businesses have proliferated all over the globe wh 
several different Wireless Internet Service Providers. Similarly, digital media has created a para 
shift in media processing resulting in a complete change in media usage models, revamped exis 
businesses and has introduced new industry players. We believe there is a tremendous opportui 
for application and system services at the intersection of the above two domains for exploiting t 

Keywords: access point, low-power, management, media, security, wireless 
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Mark D. Corner, Brian D. Noble 

May 2003 Proceedings of the 1st international conference on Mobile systems, applicatior 


and services MobiSys '03 
Publisher: ACM Press 

Full text available: ^i>df(.2M.4fi.KBJ Additional Information: Ml ciMion, abstract, references 

How does a machine know who is using it? Current systems authenticate their users infrequentl 
and assume the user's identity does not change. Such persistent authentication is inappropriate 
mobile and ubiquitous systems, where associations between people and devices are fluid and 
unpredictable. We solve this problem with Transient Authentication, in which a small hardware t 
continuously authenticates the user's presence over a short-range, wireless link. We present the 
fo... 

13 Video portals for the next century (panel session) 

Rob Koenen, Heather Yu, Avideh Zakhor, Francis Galliano, Charles Bouman 
^ October 1999 Proceedings of the seventh ACM international conference on Multimedia (Par 

Publisher: ACM Press 

Full text available: ^.pdf(650 : 29 KB} Additional Information: fJlLcrtation, iQdextejrms 


14 A structure for a defense software reuse marketplace 

James W. Moore 
^»^ : May 1994 ACM SIGAda Ada Letters, volume xiv issue 3 

Publisher: ACM Press 

Full text available: ^ pdf(996.60 K3) Additional Information: full citation, abstract, index terms 

The paper begins by briefly examining the demand for reusable software components and the 
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characteristics of the defense industry which serve to differentiate its needs from those of a bro 
commercial reuse industry. The approach of providing a single library for defense reuse is exam 
and discarded. The bulk of the paper examines how a reuse marketplace might be built upon th 
existence of multiple libraries. The operations of a reuse marketplace are described and possible 
specializations ... 

15 Implementing^ 

Kerry Taylor, James Murty 

January 2003 Proceedings of the Australasian information security workshop conference oi 
ACSW frontiers 2003 - Volume 21 CRPITS '03 

Publisher: Australian Computer Society, Inc. 

Full text available: ^pdf(217.89 K3) Additional Information: MjPMti&L abstract, rejferencegj citings, [ndex.tem)s 

There is rapidly increasing interest in Australia in on-line sharing of information stored in corpor 
databases, especially within and between staff of independent government agencies. Biological 
collections databases and population health GIS are good examples of the frequent situation wh 
database custodians are looking for dynamic, distributed, heterogenous federated information 
system models for information sharing within loosely constituted communities. This paper descr 
a security m ... 

Keywords: RBAC, federated databases 


16 Classroom discussions: policies and responsibilities of Internet Service Providers 



Mary J. Granger, Joyce Currie Little 

June 2003 ACM SIGCSE Bulletin , Proceedings of the 8th annual conference on Innovatior 


technology in computer science education ITiCSE '03, volume 35 issue 3 
Publisher: ACM Press 

Full text available: ^ pdf- 30? 74 KB) Additional Information: full citation, abstract, references, index terms 

Since the early to mid 1990s, with the advent of easy to use browser software, the Internet has 
become available to those outside the community of researchers and knowledgeable users. 
Currently, anyone with computing and some type of networking capability is able to connect to 
internet: some still through University and work-place links, others through internet Service 
Providers (ISPs). For their customers, these ISP provide an entry point into the Internet and mc 
control or monitor activit ... 

Keywords: ISPs, Internet Service Providers, intellectual property, privacy, security 


17 Starting a university microcomputer maintenance program 

Roger N. Addelson, Don M. Wee 
^ September 1986 Proceedings of the 14th annual ACM SIGUCCS conference on User services 
setting the direction 

Publisher: ACM Press 

Full text available: ^pdf£2.73.MB) Additional Information: Ml citation, citings, indexiejms 


18 Securing context-aware applications using environment roles 

Michael J. Covington, Wende Long, Srividhya Srinivasan, Anind K. Dev, Mustaque Ahamad, Gregop 
Abowd 

May 2001 Proceedings of the sixth ACM symposium on Access control models and 

technologies 
Publisher: ACM Press 

Full text available: ^.pdg13107 KB) Additional Information: fo]].c.8ati.pn J abstract, references, citings, index.terms 
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In the future, a largely invisible and ubiquitous computing infrastructure will assist people with ; 
variety of activities in the home and at work. The applications that will be deployed in such syst 
will create and manipulate private information and will provide access to a variety of other 
resources. Securing such applications is challenging for a number of reasons. Unlike traditional 
systems where access control has been explored, access decisions may depend on the context i 
which re ... 

Keywords: context aware computing, role-based access control 


19 Raising.Mudent aware 

Jennifer A. Polack-Wahl, Marsha Zaidman 

December 2005 Journal of Computing Sciences in Colleges, volume 21 issue 2 
Publisher: Consortium for Computing Sciences in Colleges 

Full text available: ^i>dftlM.65.K3) Additional Information: Ml citation, abstract, references, index terms 

The authors present two case studies of actual situations. These scenarios, related issues, and 
possible outcomes are presented. Professors can use these studies in a classroom setting to 
stimulate discussion, raise awareness of underlying issues related to the technology, and 
demonstrate to students how to evaluate such situations in the future. This paper discusses two 
common ethical issues that may affect students' daily lives. 

20 Risks to the public in computers and reiated systems 
Peter G. Neumann 

^ January 2002 ACM SIGSOFT Software Engineering Notes, Volume 27 issue 1 
Publisher: ACM Press 

Full text available: *||| pdffl .41 M3) Additional Information: full citation 
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